How to fix We've detected a potential problem with Jira's Dashboard configuration

Hi Charlie,

Pls find below what I changed in server.xml file:

<Connector port="8080" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;"
maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"
maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443"
acceptCount="100" disableUploadTimeout="true" bindOnInit="false" secure="true" scheme="https"
proxyName="jira.apps.com" proxyPort="443"/>

=========

In Jira Dashboard I did change the base URL to https however still same issue appears.

Thanks

hmm ok.

Something else I've seen is that the Jira server can not resolve its own URL.

what does nslookup jira.apps.com give you on the server?

If it can't find the (correct) IP address you can point jira.apps.com to 127.0.0.1 in the hostfile.

Other than that: do you see some gadget titles with __MSG__ ?

In that case I can recommend this article: https://confluence.atlassian.com/jirakb/fix-gadget-titles-showing-as-__msg_gadget-in-jira-server-813697086.html

Hi,

The nslookup resolves to the IP address of our Apache reverse proxy server.

Yes I do see  __MSG_gadget.activity.stream.title__  on the home page.

Will check the article.

Thanks

ok!

Things I encountered in the past but that are also mentioned in the article:

• If your SSL certificate is self-signed you will have to import it in the java truststore (cacerts)
• Make sure Jira URL is reachable from the server (you already told me DNS is OK, but can it be accessed over http?)
  Try curl -L -v https://jira.apps.com

Hi,

1. We are using wildcard SSL certificate from Digicert.

2. It is accessible using private IP with port 8080.

3. The curl output:

[root@jira ~]# curl -L -v https://jira.apps.com
* Rebuilt URL to: https://jira.apps.com/
* Trying 10.70.106.10...
* TCP_NODELAY set* connect to 10.70.106.10 port 443 failed: Connection timed out
* Failed to connect to jira.apps.com port 443: Connection timed out
* Closing connection 0
curl: (7) Failed to connect to jira.apps.com port 443: Connection timed out

Thanks

"Failed to connect to jira.apps.com port 443: Connection timed out"

This means the Jira server is not able to reach the Jira URL. The DNS is resolved but the port does not seem to be accessible.

It's most likely a firewall issue between your Jira server and the Apache reverse proxy server. I assume both run on different machines?

yes correct both are running on different machines.

So what you suggest?

Verify your firewall configurations. I'm not a network expert myself.

There are many ways to configure firewalls, best would be to talk to your network/ firewall admin if you have one.

sure...will check and get back with my findings.

Thanks

Hi,

I have a confusion here like while accessing Jira on https I am able to login with my credentials and able to see some part of the dashboard.

Does that not mean that Jira server is able to connect to Apache server?

May be problem is with the Apache config?

Just asking

Thanks

When you login via your browser the requesrt will go through the reverse proxy and to the Jira server.

For the dashboard the Jira server tries to reach itself via the reverse proxy server which seems to fail.

I fixed this issue by removing the extra connector in server.xml.
Actually tomcat server.xml were having two connectors on the same port,so I removed one and it fixed the error message.
However after that my Gadgets throw error:
"" gadget.common.error.500""

Any idea how to fix this?

Here is a related article about that error: Jira activity stream gadget throws gadget.common.error.500  But you already set you are using a certificate from a public CA.

Check your atlassian-jira.log right after opening the dashboard. It should give you more insights.

Ok will check the logs...

apart from this do I need to import a public SSL certificate into a JVM.

Thanks

Normally you don't have to unless you use a self-signed certificate. But you told me you don't.

Certificates from public CA's like Digicert are trusted by default by Java.
If it is an ssl issue it will be visible in the logs.

Hi Charlie,

Today after loading the dashboard I checked the logs under atlassian-jira.log and found this which might be helpful to see where the problem lies:

2023-08-06 08:50:11,649+0300 plugin-transaction-0 INFO [c.a.jira.plugin.PluginTransactionListener] [plugin-transaction] numberStartEvents:870, numberEndEvents:870, numberSendEvents:527, numberEventsInTransactions:14282, numberOfPluginEnableEvents:307
2023-08-06 08:50:13,237+0300 http-nio-8080-exec-12 ERROR mudasir 530x5767x1 1gh7q2r 10.70.74.186,10.70.106.10 /secure/Dashboard.jspa [c.a.g.r.internal.http.HttpClientFetcher] Unable to perform a request to: https://jira.apps.aecl.com/rest/gadgets/1.0/g/messagebundle/und/gadget.quicklinks
org.apache.http.conn.ConnectTimeoutException: Connect to jira.apps.com:443 [jira.apps.com/10.70.106.10] failed: connect timed out

=======

Also as discussed the output below is something we need to check?

[root@jira ~]# curl -v https://jira.apps.com
* Rebuilt URL to: https://jira.apps.com/
* Trying 10.70.106.10...
* TCP_NODELAY set
* connect to 10.70.106.10 port 443 failed: Connection timed out
* Failed to connect to jira.apps.com port 443: Connection timed out
* Closing connection 0
curl: (7) Failed to connect to jira.apps.com port 443: Connection timed out

Thanks

Hi,

when I check the atlassian-jira.log after loading the dashboard I received this in the logs:

2023-08-06 08:50:11,649+0300 plugin-transaction-0 INFO [c.a.jira.plugin.PluginTransactionListener] [plugin-transaction] numberStartEvents:870, numberEndEvents:870, numberSendEvents:527, numberEventsInTransactions:14282, numberOfPluginEnableEvents:307
2023-08-06 08:50:13,237+0300 http-nio-8080-exec-12 ERROR hajim 530x5767x1 1gh7q2r 10.70.74.186,10.70.106.10 /secure/Dashboard.jspa [c.a.g.r.internal.http.HttpClientFetcher] Unable to perform a request to: https://jira.apps.com/rest/gadgets/1.0/g/messagebundle/und/gadget.quicklinks org.apache.http.conn.ConnectTimeoutException: Connect to jira.apps.com:443 [jira.apps.com/10.70.106.10] failed: connect timed out

a connection timeout often means the port is not accessible.

Were you able to verify the firewall settings for traffic from the Jira server to the reverse proxy server?

I think traffic is not reaching on port 443 to the proxy server.

Should I add the below lines in the Jira Server:

I'm afraid the specific iptables commands are beyond my level of expertise.